package hotboxr::Controller::User;
use Moose;
use DateTime;
use Crypt::Rijndael;
use namespace::autoclean;

BEGIN {extends 'Catalyst::Controller::REST'; }

=head1 NAME

hotboxr::Controller::User - Catalyst Controller

=head1 DESCRIPTION

Catalyst Controller.

=head1 METHODS

=cut


sub login : Local : ActionClass('REST') { }
sub login_POST {
    my ($self, $c) = @_;

    #validate params: username & password
    my $user = $c->authenticate();
    $c->forward('unauth','failed to authenticate') if !defined $user;
    $self->status_ok($c,entity => { 
        session_key => $user->crypted_session_key, 
        user_data =>{
            #num viewed, etc
            #verification weight
        }
    });
    $c->forward('View::JSON');
}

sub logout : Local : ActionClass('REST') { }
sub logout_POST {
    my ($self, $c) = @_;
    
    my $user = $c->authenticate({logging_out => 1});
    $c->forward('unauth','could not find user') if !defined $user;
    $c->status_ok($c, entity => { logged_out => $user->is_logged_out });
    $c->forward('View::JSON');
}

sub register : Local : ActionClass('REST') { }
sub register_POST {
    my ($self, $c) = @_;
    
    my $mongo = $c->model('Model'); #TODO chare _validate db with Image
    my $desired_name = $c->req->param('desired_name') || '';
    #share error response - throw if no desire name
    my $is_available = $mongo->is_name_available($desired_name);
    #error response if name unavailable
    my $password = $c->req->param('desired_password') || '';
    $password =~ s/\s*//g;
    $c->forward('error_response',['password must be greater than 4 characters']) if (length($password) < 4);

    #insert user
    my $cipher = Crypt::Rijndael->new( $c->config->{crypt_key}, Crypt::Rijndael::MODE_CBC() );
    my $success = $mongo->insert_wrap('users',{ 
        name => $desired_name,
        password => $cipher->encrypt($password), 
        registration_ip => $c->req->address, 
        registration_date => DateTime->now 
    });
    my $user = $c->authenticate(username => $desired_name, password => $password); #make sure it worked, create session.

    #TODO catch errors
    $c->status_ok($c,entity => { session_key => $user->crypted_session_key });
    $c->forward('View::JSON');
}

sub desired_name : Local : ActionClass('REST') { }
sub desired_name_GET {
    my ($self,$c) = @_;
    my $mongo = $c->model('Model'); #TODO chare _validate db with Image
    my $desired_name = $c->req->param('desired_name') || '';
    #share error response - throw if no desire name
    my $is_available = $mongo->is_name_available($desired_name);
    $self->status_ok($c,entity => {availability => $is_available});
}

sub unauth : Private {
    my ($self,$c,$msg) = @_;
    $self->status_ok($c,entity => { authentication_error => $msg });
    $c->forward('View::JSON');
    $c->detach();
}


=head1 AUTHOR

A clever guy

=head1 LICENSE

This library is free software. You can redistribute it and/or modify
it under the same terms as Perl itself.

=cut

__PACKAGE__->meta->make_immutable;

1;
